Net::HTTP doesn't honor parameters set in OpenSSL::Config::DEFAULT_CONFIG_FILE

I observe that Net:HTTP does not honor parameters set in OpenSSL::Config::DEFAULT_CONFIG_FILE (i.e.: /usr/lib/ssl/openssl.cnf).

For example, if you set the following parameter in /usr/lib/ssl/openssl.cnf (symlinked to /etc/ssl/openssl.cnf):

```
[system_default_sect]
Options = UnsafeLegacyRenegotiation,UnsafeLegacyServerConnect
```
Net::HTTP sessions will not honor this configuration, but a similar client-side tool (i.e.: `openssl s_client`) will. It appears that the values in the config file are simply ignored, or not read in at all so I'm left with wondering how to change a default openssl configuration item (absent a hack like mucking with `OpenSSL::SSL::SSLContext::DEFAULT_PARAMS[:options]`

I had the following versions configured on an ubuntu (Ubuntu 22.04.3 LTS) host for this testing:
```
OpenSSL 3.0.2 15 Mar 2022 (Library: OpenSSL 3.0.2 15 Mar 2022)
RUBY_VERSION -> "3.1.3"
```

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Net::HTTP doesn't honor parameters set in OpenSSL::Config::DEFAULT_CONFIG_FILE #158

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Net::HTTP doesn't honor parameters set in OpenSSL::Config::DEFAULT_CONFIG_FILE #158

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions